SB20251230171 - Use-after-free in Linux kernel typec altmodes driver
Published: December 30, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251230171
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2023-54186)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pin_assignment_show() function in drivers/usb/typec/altmodes/displayport.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/08bd1be1c716fd50a7df48f82dcbc59a103082b5
- https://git.kernel.org/stable/c/0e61a7432fcd4bca06f05b7f1c7d7cb461880fe2
- https://git.kernel.org/stable/c/4f9c0a7c272626cb6716ffc7800e8c73260cdce6
- https://git.kernel.org/stable/c/54ee23e4ab263a495ace1eed43d3883212ece17f
- https://git.kernel.org/stable/c/d8f28269dd4bf9b55c3fb376ae31512730a96fce
- https://git.kernel.org/stable/c/fc0e18f95c88435bd8a1ceb540243cd7fbcd9781
- https://git.kernel.org/stable/c/ff466f77d0a56719979c4234abd412abd98eae8f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181